package com.bw.crop.config;/*
 * This class is part of the white paper entitled
 * "Digital Signatures for PDF documents"
 * written by Bruno Lowagie
 * 
 * For more info, go to: http://itextpdf.com/learn
 */

import com.itextpdf.text.DocumentException;
import com.itextpdf.text.Image;
import com.itextpdf.text.Rectangle;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfSignatureAppearance;
import com.itextpdf.text.pdf.PdfStamper;
import com.itextpdf.text.pdf.security.*;
import com.itextpdf.text.pdf.security.MakeSignature.CryptoStandard;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;

public class SignHelloUtils {

	public static final String KEYSTORE = "E:\\pdf\\keystore\\lt.p12";
	public static final char[] PASSWORD = "123456".toCharArray();
//	public static final String SRC = "E:\\pdf\\keystore\\test.pdf";
//	public static final String DEST = "test_lts.pdf";
	
	public void sign(String src, String dest,
			Certificate[] chain,
			PrivateKey pk, String digestAlgorithm, String provider,
			CryptoStandard subfilter,
			String reason, String location,String imageUrl)
					throws GeneralSecurityException, IOException, DocumentException {
        // Creating the reader and the stamper
        PdfReader reader = new PdfReader(src);
        FileOutputStream os = new FileOutputStream(dest);
        PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
        // Creating the appearance
        PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
        appearance.setReason(reason);
        appearance.setLocation(location);
        appearance.setVisibleSignature(new Rectangle(400, 400, 200, 200), 1, "sign");

		//增加电子签章
		Image instance = Image.getInstance(imageUrl);
		appearance.setSignatureGraphic(instance);
		appearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC);

		// Creating the signature
        ExternalDigest digest = new BouncyCastleDigest();
        ExternalSignature signature = new PrivateKeySignature(pk, digestAlgorithm, provider);
        MakeSignature.signDetached(appearance, digest, signature, chain, null, null, null, 0, subfilter);
	}

//	public static void main(String[] args) throws GeneralSecurityException, IOException, DocumentException {
//		BouncyCastleProvider provider = new BouncyCastleProvider();
//		Security.addProvider(provider);
//		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
//		ks.load(new FileInputStream(KEYSTORE), PASSWORD);
//        String alias = (String)ks.aliases().nextElement();
//        PrivateKey pk = (PrivateKey) ks.getKey(alias, PASSWORD);
//        Certificate[] chain = ks.getCertificateChain(alias);
//		SignHelloUtils app = new SignHelloUtils();
//		app.sign(SRC, String.format(DEST, 1), chain, pk, DigestAlgorithms.SHA256, provider.getName(), CryptoStandard.CMS, "Test 1", "Ghent","E:\\专高五\\录屏\\12.14day06\\sign.png");
//		//app.sign(SRC, String.format(DEST, 2), chain, pk, DigestAlgorithms.SHA512, provider.getName(), CryptoStandard.CMS, "Test 2", "Ghent");
//		//app.sign(SRC, String.format(DEST, 3), chain, pk, DigestAlgorithms.SHA256, provider.getName(), CryptoStandard.CADES, "Test 3", "Ghent");
//		//app.sign(SRC, String.format(DEST, 4), chain, pk, DigestAlgorithms.RIPEMD160, provider.getName(), CryptoStandard.CADES, "Test 4", "Ghent");
//	}

	public static void create(String SRC, String DEST) throws GeneralSecurityException, IOException, DocumentException {
		BouncyCastleProvider provider = new BouncyCastleProvider();
		Security.addProvider(provider);
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		ks.load(Files.newInputStream(Paths.get(KEYSTORE)), PASSWORD);
		String alias = (String) ks.aliases().nextElement();
		PrivateKey pk = (PrivateKey) ks.getKey(alias, PASSWORD);
		Certificate[] chain = ks.getCertificateChain(alias);
		SignHelloUtils app = new SignHelloUtils();
		app.sign(SRC, String.format(DEST, 1), chain, pk, DigestAlgorithms.SHA256, provider.getName(), CryptoStandard.CMS, "Test 1", "Ghent", "E:\\专高五\\test.png");
	}

}